Protecting critical infrastructure from cyberattacks continues to evolve from peripheral concerns to very real critical threats. The breadth and scale of critical infrastructure protection (CIP) ranges from electricity and natural gas energy supply to public safety communications, and the next frontier is water supply and storage. With high-profile cybersecurity attacks in 2021, such as those at Colonial Pipeline and JBS Foods, there is no doubt that cybersecurity is of utmost importance, and cybersecurity for the water sector is no exception.
The Biden-Harris Administration recently announced that it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the water sector through the Water and Wastewater Sector Action Plan, committing to evaluating and improving this sector’s cybersecurity. Hackers are continuously searching for a weak link, and combined with continuously evolving cybersecurity threats, utilities, grid operators and CIP providers may not have the internal expertise necessary to meet the ongoing challenge.
An example of action can be seen through the city of Moline, Illinois coming together to assess its own city water utility condition. The facility first switched to using computers in the early 2000s, but some programs and hardware haven't been replaced since then. As part of the American Water Infrastructure Act of 2018, the city did a risk and resilience assessment in 2021.
The main necessary upgrade would be for the Supervisory Control and Data Acquisition (SCADA) computer program. The city of Moline's two wastewater treatment plants already use the platform, which allows for monitoring and control over the entire plant's systems. The plant's programmable logic controllers (PLCs) would also be upgraded. The PLCs are small computers placed throughout the facility that make decisions and feed information to the SCADA. These concerns led the city's utilities department to create a $317,000 plan to improve the systems.
Finding protection through cybersecurity solutions
With the security and sanctuary of American life at risk, it’s an understatement to say security leaders must ensure that water storage and treatment plants have the highest level of protection. True security begins with the implementation of a comprehensive platform that deals specifically with cybersecurity risks to water plants. Holistic and comprehensive solutions are needed to lock all potential doors cyberattackers can enter, provide 24/7 monitoring of network traffic, and then detect, analyze and provide alerts when a cybersecurity, malware or virus threat occurs. This provides decision-makers with visibility into the cyber risks and presents the steps to remove or reduce those risks. By enacting this type of holistic approach, cybersecurity experts review frequent reports and are available to answer a broad scope of questions regarding additional concerns.
Furthermore, water plant managers may be provided with an on-demand assessment of endpoints that are connected to the organization’s network, including servers, industrial control systems, desktops and laptops, smartphones and more. This gives CIP organizations and stakeholders an up-to-date view of vulnerabilities in operating systems and applications with needed daily reports into cyberthreats for this most critical infrastructure. Development of a CIP providers cultural awareness that is focused on real time operational cyber based anomalies empower organizations with recommendations and prioritization of the risks that must be addressed with specific guidance on remediation.
Cybercrime just might be one of the more dangerous risks security leaders face, with hackers lurking around the corner in so many aspects of daily life. Cyberattacks are only becoming more and more common; in fact, the Federal Bureau of Investigation (FBI) ranks cybercrime as one of the most important law enforcement activities. There is a long history of cyberattacks in industries ranging from large pipelines to public safety organizations, and critical infrastructures like water treatment and supply systems are now coming under frequent attack. These plants are prime targets for cyberattacks because many of them serve communities with fewer than 50,000 residents, which often forces budget-challenged municipalities to make tough decisions regarding what gets cybersecurity funding at a local level, and these under-investments can potentially lead to disaster.